Date: Fri, 18 Jan 2013 22:13:30 +0100
From: Christian Forler <christian.forler@...-weimar.de>
To: crypt-dev@...ts.openwall.com
Subject: Password Scrambling
Hello crypt-dev,
I'm a (junior) research assistant in the field of symmetric crypto,
especially provable security.
Why I'm here?
Last year I met Jacob Sparre Andersen. He had made myself aware of the
fact that a subset of the BSD community is looking for a new password
scrambling algorithms. The algorithm that is currently used seems to do
not provide adequate resistance against GPU based password recovery
attacks.
After that, I discussed this topic within our research group
(http://www.uni-weimar.de/cms/medien/mediensicherheit/home.html). Since
then we have had a couple of nifty ideas. Actually, we have just started
to write a paper about this stuff.
This week at ESC'13 Jean-Philippe told me that there are is some
activity about this topic within the security community, and that there
will be an upcoming password scrambler competition. So, I'm here. :-)
Short story:
I'm here thanks to JP and some accidental coincidences.
Anyway! In the next couple of weeks, we will write an academic paper
introducing a new password scrambler (key derivation function). After
that, I will try to supply you with an abbreviated version of our
extended abstract, if desired.
Best regards,
Christian